<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Hash Cracker</title>
<style type="text/css">
<!--
body,td,th {
    font-family: Geneva, Arial, Helvetica, sans-serif;
    color: #00FF00;
    font-weight: bold;
}
body {
    background-color: #000000;
}
a:link {
    color: #FF0000;
    text-decoration: none;
}
a:visited {
    text-decoration: none;
    color: #00FF00;
}
a:hover {
    text-decoration: none;
    color: #99FFFF;
}
a:active {
    text-decoration: none;
    color: #9900FF;
}
.style3 {
    color: #00FF00
    }
a {
    font-weight: bold;
}
-->
</style>
<meta **********="Content-Type" *********"text/html; charset=windows-1252"></head>
<body>
<style type='text/css'>
body {
    background-color: #000000;
    color: green;
    font-family:courier new;
    font-size:12px;
}
text,input,table,tr,td,th {
    border-color: green;
    border-style: solid;
    border-width: 1px;
    color: green;
    background:#0f0f0f;
    font-family:courier new;
    font-size:12px;
}
</style>
<form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="POST">
  <center>
  <br>
<font color="#969696" size="3.5">
  <pre>

</pre></font>
  
  <br>
Please Enter your hash to the textbox below <br>
<br>
<input name="hash" type="text" class="style3" size="32"><br><br>
<input type="submit" class="style3" value="Crack Me..."></center>
</form>
<?php

define (MD4, "md4");
define (MD5, "md5");
define (SHA1, "sha1");
define (SHA224, "sha224");
define (SHA256, "sha256");
define (SHA384, "sha384");
define (SHA512, "sha512");
define (REPEMD, "rmd160");
define (LM, "lm");
define (NTLM, "ntlm");
define (MYSQL, "mysql");
define (CISCO7, "cisco7");
define (JUNIPER, "juniper");
define (GOST, "gost");
define (WHIRLPOOL, "whirpool");
define (LDAP_MD5, "ldap_md5");
define (LDAP_SHA1, "ldap_sha1");

$browsers = array (
	0 => ("Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Crazy Browser 1.0.5)"),
        1 => ("curl/7.7.2 (powerpc-apple-darwin6.0) libcurl 7.7.2 (OpenSSL 0.9.6b)"),
        2 => ("Mozilla/5.0 (X11; U; Linux amd64; en-US; rv:5.0) Gecko/20110619 Firefox/5.0"),
        3 => ("Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:2.0b8pre) Gecko/20101213 Firefox/4.0b8pre"),
        4 => ("Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)"),
        5 => ("Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.1; Trident/5.0)"),
        6 => ("Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) chromeframe/10.0.648.205"),
        7 => ("Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727)"),
        8 => ("Opera/9.80 (Windows NT 6.1; U; sv) Presto/2.7.62 Version/11.01"),
        9 => ("Opera/9.80 (Windows NT 6.1; U; pl) Presto/2.7.62 Version/11.00"),
        10 => ("Opera/9.80 (X11; Linux i686; U; pl) Presto/2.6.30 Version/10.61"),
        11 => ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2"),
        12 => ("Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.872.0 Safari/535.2"),
        13 => ("Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.812.0 Safari/535.1"),
        14 => ("Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)")
);

$hash_lower = strtolower(trim($_POST["hash"]));

if(ereg("([0-9a-f]{32})", $hash_lower)) {
    $urls = array(
                 
                 //HASH CRACKING SRVC STARTING (Used :: 24 Instance) ::::

                 // schwett :: http://schwett.com (Supp :: MD5)
                 0 => ("http://schwett.com/md5/index.php?md5value=".$hash_lower."&md5c=Hash+Match"),
                 // netmd5crack :: http://www.netmd5crack.com (Supp :: MD5)
                 1 => ("http://www.netmd5crack.com/cgi-bin/Crack.py?InputHash=".$hash_lower),
                 // md5-cracker :: http://www.md5-cracker.tk (Supp :: MD5)
                 2 => ("http://www.md5-cracker.tk/xml.php?md5=".$hash_lower),
                 // benramsey :: http://tools.benramsey.com (Supp :: MD5)
                 3 => ("http://tools.benramsey.com/md5/md5.php?hash=".$hash_lower),
                 // gromweb :: http://md5.gromweb.com (Supp :: MD5)
                 4 => ("http://md5.gromweb.com/query/".$hash_lower),
                 // hashcracking :: http://md5.hashcracking.com (Supp :: MD5)
                 5 => ("http://md5.hashcracking.com/search.php?md5=".$hash_lower),
                 // hashcracking :: http://victorov.su (Supp :: MD5)
                 6 => ("http://victorov.su/md5/?md5e=&md5d=".$hash_lower),
                 // thekaine :: http://md5.thekaine.de (Supp :: MD5)
                 7 => ("http://md5.thekaine.de/?hash=".$hash_lower),
                 // tmto :: http://www.tmto.org (Supp :: MD5)
                 8 => ("http://www.tmto.org/api/latest/?hash=".$hash_lower."&auth=true"),
                 // md5-db :: http://md5-db.de (Supp :: MD5)
                 9 => ("http://md5-db.de/".$hash_lower.".html"),             
                 // ophcrack :: http://www.objectif-securite.ch (NTLM, LM Hash Supp)
                 10 => ("http://www.objectif-securite.ch/en/products.php?hash=".$hash_lower), // ?????
                 // rednoize :: http://md5.rednoize.com (Supp :: MD5)
                 11 => ("http://md5.rednoize.com/?p&s=md5&q=".$hash_lower),
                 // rednoize :: http://md5.rednoize.com (Supp :: SHA1)
                 12 => ("http://md5.rednoize.com/?p&s=sha1&q=".$hash_lower),
                 // cacin :: http://cacin.net  (Supp :: CISCO7)
                 13 => ("http://cacin.net/cgi-bin/decrypt-cisco.pl?cisco_hash=".$hash_lower),
                 // ibeast :: http://www.ibeast.com (Supp :: CISCO7)
                 14 => ("http://www.ibeast.com/content/tools/CiscoPassword/decrypt.php?txtPassword=".$hash_lower."&submit1=Enviar+consulta"),
                 // askcheck :: http://askcheck.com (Supp :: MD4, MD5, SHA1, SHA256)
                 15 => ("http://askcheck.com/reverse?reverse=".$hash_lower),
                 // fox21 :: http://cracker.fox21.at (Supp :: MD5, LM, NTLM)
                 16 => ("http://cracker.fox21.at/api.php?a=check&h=".$hash_lower),
                 // nicenamecrew :: http://crackfoo.nicenamecrew.com (Supp :: MD5, SHA1, LM)
                 17 => ("http://crackfoo.nicenamecrew.com/?t=".$hash_lower),
                 // md5lookup :: http://md5-lookup.com (Supp :: MD5)
                 18 => ("http://md5-lookup.com/livesearch.php?q=".$hash_lower),
                 // sha1lookup :: http://sha1-lookup.com (Supp :: SHA-1)
                 19 => ("http://sha1-lookup.com/livesearch.php?q=".$hash_lower),
                 // sha256-lookup :: http://sha-256.sha1-lookup.com (Supp :: SHA-256)
                 20 => ("http://sha-256.sha1-lookup.com/livesearch.php?q=".$hash_lower),
                 // ripemd-lookup :: http://www.ripemd-lookup.com (Supp :: RIPEMD)
                 21 => ("http://www.ripemd-lookup.com/livesearch.php?q=".$hash_lower),
                 // drasen.net :: http://md5.drasen.net (Supp :: MD5)
                 22 => ("http://md5.drasen.net/search.php?query=".$hash_lower),
                 // "goog.li :: http://goog.li (Supp :: MD5, MYSQL, SHA1, SHA224, SHA384, SHA256, SHA512, RIPEMD, NTLM, GOST, WHIRLPOOL, LDAP_MD5, LDAP_SHA1)
                 23 => ("http://goog.li/?q=".$hash_lower),
				 // hashchecker :: www.hashchecker.com (Supp :: MD5)
				 24 => ("http://www.hashchecker.com/index.php?_sls=search_hash")
                 );

    $params = array(
                    // For Dyn use exmpl :  2 => ("hash=" . $hash_lower . "&submit=Submit")
                    
                    0 => (null),
                    1 => (null),
                    2 => (null), 
                    3 => (null),
                    4 => (null),
                    5 => (null),
                    6 => (null),
                    7 => (null),
                    8 => (null),
                    9 => (null),
                    10 => (null),
                    11 => (null),
                    12 => (null),
                    13 => (null),
                    14 => (null),
                    15 => (null),
                    16 => (null),
                    17 => (null),
                    18 => (null),
                    19 => (null),
                    20 => (null),
                    21 => (null),
                    22 => (null),
                    23 => (null),
					24 => ("search_field=" . $hash_lower. "&Submit=search")
                    );

    $patterns = array(
                     0 => ("/<h3>(.*)<\/h3><br \/>/"),
                     1 => ("/<\/td><td width=\"35%\"><b>(.*)<\/b><\/td><\/tr>/"),
                     2 => ("/<\/TD><TD align=\"middle\" nowrap=\"nowrap\" width=90>(.*)<\/TD><TD align=\"middle\" nowrap=\"nowrap\" width=90>cracked<\/TD><\/TR>/"),
                     3 => ("/<string>(.*)<\/string>/"),
                     4 => ("/(.*)/"),
                     5 => ("/Cleartext of " . $hash_lower . " is (.*)/"),
                     6 => ("/<\/td><td>md5 Database<\/td><td>" . $hash_lower . "<\/td><td bgcolor=#FF0000>(.*)<\/td><td>/"),
                     7 => ("/<br><br><b>(.*)<\/b><\/td><td><\/td>/"),
                     8 => ("/<result hash=\"".$hash_lower."\" type=\"md5\" text=\"(.*)\"\/>/"),
                     9 => ("/<strong>Es wurden 1 mogliche Begriffe gefunden, die den Hash ".$hash_lower." verwenden:<\/strong><ul><li>(.*)<\/li>/"),
                     10 => ("/<b>(.*)<\/b><br><br>/"),
                     11 => (null),
                     12 => (null),
                     13 => ("/<\/div><div class=\"result\">" . $hash_lower . ":(.*)<br\/>/"),
                     14 => (null),
                     15 => (null),
                     16 => ("/".$hash_lower."\" plaintext=\"(.*)\"\\//"),
                     17 => (null),
                     18 => ("/<td>(.*)<\/td>/"),
                     19 => ("/<td>(.*)<\/td>/"),
                     20 => ("/<td>(.*)<\/td>/"),
                     21 => ("/<td>(.*)<\/td>/"),
                     22 => ("/(.*)<\/b><\/h5>/"),
                     23 => ("/<br \/><br \/>cleartext&nbsp;&nbsp;&nbsp;&nbsp;: (.*)<br \/>/"),
					 24 => ("/<td><li>Your md5 hash is :<br><li>" . $hash_lower . " is <b>(.*)<\/b> used charl/")
                     );
					 

    if((count($urls) !== count($params)) || (count($urls) !== count($patterns)) || (count($params) !== count($patterns))) { die("Error"); }
    echo ("<center>");
    for($i = 0; $i < count($urls); $i++) {
        echo "\n<br>\n";

        $url = $urls[$i];
        $param = $params[$i];
        $pattern = $patterns[$i];

        $message = ereg_replace("(http|https)://", null, $url);
        $message = ereg_replace("/(.*)", null, $message);

        $ch = curl_init();
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, "4");
        if(!empty($param)) {
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
        }
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_USERAGENT, $browsers[rand(0,14)]);
        curl_setopt($ch, CURLOPT_TIMEOUT, "4");
        $result = @curl_exec($ch);
        curl_close($ch);

        if(!empty($result)) {
            if(empty($pattern)) {
                $final = $result;
            } else {
                preg_match($pattern, $result, $final);
                $final = $final[1];
            }
        }

        echo (md5($final) === $hash_lower || md5(htmlentities($final)) === $hash_lower)?("[+]" . $message . ": <b>" . htmlentities($final) . "</b>"):("[-]" . $message . ": Not Found");
    }
}





?>
</center>
<br>
</div>
</body>